• Home
  • cyber
  • Minnesota Department of Human Services
cyber Breach

Minnesota Department of Human Services

May 11, 2023 1 min read
Minnesota Department of Human Services

Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program.

The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity.

DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff.

Source: https://healthitsecurity.com/news/ma-medical-device-company-reports-healthcare-data-breach-29k-impacted

TPRM report: https://scoringcyber.rankiteo.com/company/minnesota-department-of-human-services

"id": "min164122123",
"linkid": "minnesota-department-of-human-services",
"type": "Data Leak",
"date": "11/2022",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 4307,
                        'industry': 'Public Sector',
                        'location': 'Minnesota, USA',
                        'name': 'Minnesota Department of Human Services',
                        'type': 'Government Agency'}],
 'attack_vector': 'Human Error',
 'data_breach': {'number_of_records_exposed': 4307,
                 'personally_identifiable_information': ['first and last names',
                                                         'addresses'],
                 'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ['Personal Information',
                                              'Account Information']},
 'description': 'Minnesota Department of Human Services (DHS) suffered a data '
                'breach incident after a DHS employee accidentally emailed the '
                'parent billing statements of 4,307 individuals involved in '
                'the program. The billing statements included first and last '
                'names, addresses, DHS-generated billing account numbers, and '
                'parental fee account activity.',
 'impact': {'data_compromised': ['first and last names',
                                 'addresses',
                                 'DHS-generated billing account numbers',
                                 'parental fee account activity']},
 'post_incident_analysis': {'corrective_actions': ['Implemented new procedures '
                                                   'to address the error',
                                                   'Communicated procedure '
                                                   'changes to staff'],
                            'root_causes': 'Human Error'},
 'response': {'remediation_measures': ['Implemented new procedures to address '
                                       'the error',
                                       'Communicated procedure changes to '
                                       'staff']},
 'title': 'Minnesota DHS Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human Error'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Breach cyber

Episource

public 1 min read
Unknown miscreants have stolen data describing around 5.4 million customers of healthcare technology firm Episource. The company, which offers…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.